FBI warns hacking spree on government agencies is a “widespread problem”

Hack linked to man who said: "You have no idea how much we can f*ck with the US."

The FBI is warning that members of the Anonymous hacking collective have breached computers belonging to multiple government agencies and made off with sensitive information in a series of attacks that started almost a year ago, according to a published report.

The warning is linked to the case of a British resident indicted two weeks ago on charges that he hacked databases belonging to the Department of Energy, the Department of Health and Human Services, the US Sentencing Commission, and other US agencies, Reuters reported Friday, citing an FBI memo. Lauri Love, prosecutors have alleged, exploited a flaw in Adobe's ColdFusion Web application development software and used his access to install backdoors that allowed him to return on subsequent occasions.

"The majority of the intrusions have not yet been made publicly known," Thursday's FBI memo stated. "It is unknown exactly how many systems have been compromised, but it is a widespread problem that should be addressed."

Reuters cited an October 11 e-mail from Energy Secretary Ernest Moniz's chief of staff, Kevin Knobloch. In it, he said compromised data included personal information on at least 104,000 employees, contractors, family members, and others associated with the Department of Energy. Also included was data for some 2,000 bank accounts.

According to the October 28 indictment, the hacks that Love and others carried out gave them illegal access to thousands of computer systems belonging to the US government and others. The access allowed them to download massive quantities of data that resulted in millions of dollars in damages to victims, prosecutors said.

"You have no idea how much we can fuck with the US government if we wanted to," Love told a hacking colleague in one exchange over Internet relay chat, according to the indictment. "This... stuff is really sensitive. It's basically every piece of information you'd need to do full identity theft on any employee or contractor" for the hacked agency.

An Adobe spokeswoman told Reuters she was unfamiliar with the FBI memo. She went on to say the majority of attacks involving its software exploited vulnerabilities in older versions that were already fixed in more recent releases.